lib: add safe text transform methods to primordials

aduh95 · aduh95 · commit 43ddf4634aad · 2021-06-10T17:55:17.000+02:00
diff --git a/lib/internal/per_context/primordials.js b/lib/internal/per_context/primordials.js
@@ -225,6 +225,8 @@ function copyPrototype(src, dest, prefix) {
   copyPrototype(original.prototype, primordials, `${name}Prototype`);
 });
 
+const { String } = primordials;
+
 // Create copies of abstract intrinsic objects that are not directly exposed
 // on the global object.
 // Refs: https://tc39.es/ecma262/#sec-%typedarray%-intrinsic-object
@@ -248,20 +250,208 @@ function copyPrototype(src, dest, prefix) {
 
 const {
   ArrayPrototypeForEach,
+  Error,
   FinalizationRegistry,
   FunctionPrototypeCall,
   Map,
+  MathMax,
+  MathMin,
+  ObjectCreate,
+  ObjectDefineProperties,
   ObjectFreeze,
   ObjectSetPrototypeOf,
   Promise,
   PromisePrototypeThen,
+  RegExp,
+  RegExpPrototype,
+  RegExpPrototypeExec,
+  RegExpPrototypeGetUnicode,
+  RegExpPrototypeGetSticky,
+  RegExpPrototypeSymbolMatch,
+  RegExpPrototypeSymbolReplace,
+  RegExpPrototypeSymbolSearch,
   Set,
+  StringPrototypeReplace,
+  StringPrototypeReplaceAll,
+  StringPrototypeSlice,
+  StringPrototypeSplit,
   SymbolIterator,
+  SymbolMatch,
+  SymbolMatchAll,
+  SymbolReplace,
+  SymbolSearch,
+  SymbolSplit,
   WeakMap,
   WeakRef,
   WeakSet,
 } = primordials;
 
+{
+  const undefinedDesc = ObjectCreate(null);
+  undefinedDesc.value = undefined;
+  const safeTextTransformProperties = {
+    [SymbolMatch]: undefinedDesc,
+    [SymbolMatchAll]: undefinedDesc,
+    [SymbolReplace]: undefinedDesc,
+    [SymbolSearch]: undefinedDesc,
+    [SymbolSplit]: undefinedDesc,
+    exec: undefinedDesc,
+  };
+  const defineRegExpGetter = (name) => {
+    safeTextTransformProperties[name] =
+      ReflectGetOwnPropertyDescriptor(RegExpPrototype, name);
+  };
+  defineRegExpGetter('flags');
+  defineRegExpGetter('global');
+  defineRegExpGetter('ignoreCase');
+  defineRegExpGetter('multiline');
+  defineRegExpGetter('dotAll');
+  defineRegExpGetter('unicode');
+  defineRegExpGetter('sticky');
+  ObjectFreeze(safeTextTransformProperties);
+
+  const toSafeRegex = (stringOrRegex) =>
+    ObjectDefineProperties(stringOrRegex, safeTextTransformProperties);
+  const toSafeString = (string) => toSafeRegex(new String(string));
+  primordials.makeSafeStringObject = toSafeString;
+
+  /**
+   * @param {string} thisString
+   * @param {string} needle
+   * @returns {string[]}
+   */
+  primordials.SafeStringPrototypeMatch = (thisString, needle) =>
+    RegExpPrototypeSymbolMatch(toSafeRegex(new RegExp(needle)), thisString);
+
+  /**
+   * @param {string} thisStr
+   * @param {string} needle
+   * @returns {string[]}
+   */
+  primordials.SafeStringPrototypeMatchAll = (thisStr, needle) =>
+    RegExpPrototypeSymbolMatch(toSafeRegex(new RegExp(needle, 'g')), thisStr);
+
+  /**
+   * @param {string} thisStr
+   * @param {string} searchVal
+   * @param {string | (substring: string, ...args: any[]) => string} replaceVal
+   * @returns {string}
+   */
+  primordials.SafeStringPrototypeReplace = (thisStr, searchVal, replaceVal) =>
+    StringPrototypeReplace(thisStr, toSafeString(searchVal), replaceVal);
+
+  /**
+   * @param {string} thisStr
+   * @param {string} searchVal
+   * @param {string | (substring: string, ...args: any[]) => string} replaceVal
+   * @returns {string}
+   */
+  primordials.SafeStringPrototypeReplaceAll =
+  (thisStr, searchVal, replaceVal) =>
+    StringPrototypeReplaceAll(thisStr, toSafeString(searchVal), replaceVal);
+
+  /**
+   * @param {string} thisString
+   * @param {string} needle
+   * @returns {number}
+   */
+  primordials.SafeStringPrototypeSearch = (thisString, needle) =>
+    RegExpPrototypeSymbolSearch(toSafeRegex(new RegExp(needle)), thisString);
+
+  /**
+   * @param {string} thisString
+   * @param {string} splitter
+   * @param {number} [limit]
+   * @returns {string}
+   */
+  primordials.SafeStringPrototypeSplit = (thisString, splitter, limit) =>
+    StringPrototypeSplit(thisString, toSafeString(splitter), limit);
+
+  /**
+   * @param {RegExp} thisRegex
+   * @param {string} string
+   * @returns {string[]}
+   */
+  primordials.SafeRegExpPrototypeSymbolMatch = (thisRegex, string) =>
+    RegExpPrototypeSymbolMatch(toSafeRegex(thisRegex), string);
+
+  /**
+   * @param {RegExp} thisRegex
+   * @param {string} string
+   * @param {string | (substring: string, ...args: any[]) => string} replaceVal
+   * @returns {string}
+   */
+  primordials.SafeRegExpPrototypeSymbolReplace =
+    (thisRegex, string, replaceVal) =>
+      RegExpPrototypeSymbolReplace(toSafeRegex(thisRegex), string, replaceVal);
+
+  /**
+   * @param {RegExp} thisRegex
+   * @param {string} string
+   * @returns {number}
+   */
+  primordials.SafeRegExpPrototypeSymbolSearch = (thisRegex, string) =>
+    RegExpPrototypeSymbolSearch(toSafeRegex(thisRegex), string);
+
+  /**
+   * Re-implementation of `RegExp.prototype [ @@split ]` that do not rely on
+   * user-mutable methods.
+   * @ref https://tc39.es/ecma262/#sec-regexp.prototype-@@split
+   * @param {RegExp} splitter
+   * @param {string} string
+   * @param {number} [limit]
+   * @returns {string[]}
+   */
+  primordials.SafeRegExpPrototypeSymbolSplit = (splitter, string, limit) => {
+    if (!RegExpPrototypeGetSticky(splitter))
+      // eslint-disable-next-line no-restricted-syntax
+      throw new Error('You must use sticky flag (y).');
+    if (RegExpPrototypeGetUnicode(splitter))
+      // eslint-disable-next-line no-restricted-syntax
+      throw new Error('Unicode matching regex not supported');
+    const S = string;
+    const A = [];
+    let lengthA = 0;
+    if (limit === 0) return A;
+    const size = S.length;
+    if (size === 0) {
+      const z = RegExpPrototypeExec(splitter, S);
+      if (z === null) A[0] = S;
+      return A;
+    }
+
+    let p = 0;
+    let q = p;
+    while (q < size) {
+      splitter.lastIndex = q;
+      const z = RegExpPrototypeExec(splitter, S);
+      if (z === null) q++;
+      else {
+        const e = MathMin(splitter.lastIndex, size);
+        if (e === p) q++;
+        else {
+          const T = StringPrototypeSlice(S, p, q);
+          A[lengthA++] = T;
+          if (lengthA === limit) return A;
+          p = e;
+          const numberOfCaptures = MathMax(z.length - 1, 0);
+          for (let i = 1; i <= numberOfCaptures; i++) {
+            const nextCapture = z[i];
+            A[lengthA++] = nextCapture;
+            if (lengthA === limit) return A;
+          }
+          q = p;
+        }
+      }
+    }
+    A[lengthA] = StringPrototypeSlice(S, p, size);
+    return A;
+  };
+
+  primordials.SafeRegExpPrototypeTest = (thisRegex, string) =>
+    RegExpPrototypeExec(thisRegex, string) !== null;
+}
+
 // Because these functions are used by `makeSafe`, which is exposed
 // on the `primordials` object, it's important to use const references
 // to the primordials that they use:
diff --git a/test/parallel/test-primordials-textTransform.js b/test/parallel/test-primordials-textTransform.js
@@ -0,0 +1,95 @@
+// Flags: --expose-internals
+'use strict';
+
+const common = require('../common');
+const assert = require('assert');
+
+const {
+  SafeRegExpPrototypeSymbolMatch,
+  SafeRegExpPrototypeSymbolReplace,
+  SafeRegExpPrototypeSymbolSearch,
+  SafeRegExpPrototypeTest,
+  SafeRegExpPrototypeSymbolSplit,
+  SafeStringPrototypeMatch,
+  SafeStringPrototypeMatchAll,
+  SafeStringPrototypeSearch,
+  SafeStringPrototypeReplace,
+  SafeStringPrototypeReplaceAll,
+  SafeStringPrototypeSplit,
+} = require('internal/test/binding').primordials;
+
+const defineRegExpGetter = (name) =>
+  Reflect.defineProperty(RegExp.prototype, name, {
+    get: common.mustNotCall(`get RegExp.prototype.${name}`),
+  });
+
+RegExp.prototype[Symbol.match] = common.mustNotCall(
+  'RegExp.prototype[@@match]'
+);
+RegExp.prototype[Symbol.matchAll] = common.mustNotCall(
+  'RegExp.prototype[@@matchAll]'
+);
+RegExp.prototype[Symbol.replace] = common.mustNotCall(
+  'RegExp.prototype[@@replace]'
+);
+RegExp.prototype[Symbol.search] = common.mustNotCall(
+  'RegExp.prototype[@@search]'
+);
+RegExp.prototype[Symbol.split] = common.mustNotCall(
+  'RegExp.prototype[@@split]'
+);
+RegExp.prototype.exec = common.mustNotCall('RegExp.prototype.exec');
+[
+  'flags',
+  'global',
+  'ignoreCase',
+  'multiline',
+  'dotAll',
+  'unicode',
+  'sticky',
+].forEach(defineRegExpGetter);
+
+String.prototype[Symbol.match] = common.mustNotCall(
+  'String.prototype[@@match]'
+);
+String.prototype[Symbol.matchAll] = common.mustNotCall(
+  'String.prototype[@@matchAll]'
+);
+String.prototype[Symbol.replace] = common.mustNotCall(
+  'String.prototype[@@replace]'
+);
+String.prototype[Symbol.search] = common.mustNotCall(
+  'String.prototype[@@search]'
+);
+String.prototype[Symbol.split] = common.mustNotCall(
+  'String.prototype[@@split]'
+);
+
+{
+  const expected = ['o'];
+  expected.groups = undefined;
+  expected.input = 'foo';
+  expected.index = 1;
+  assert.deepStrictEqual(SafeStringPrototypeMatch('foo', 'o'), expected);
+}
+
+assert.deepStrictEqual(SafeStringPrototypeMatchAll('foo', 'o'),
+                       ['o', 'o']);
+
+assert.strictEqual(SafeStringPrototypeReplace('foo', 'o', 'a'), 'fao');
+assert.strictEqual(SafeStringPrototypeReplaceAll('foo', 'o', 'a'), 'faa');
+assert.strictEqual(SafeStringPrototypeSearch('foo', 'o'), 1);
+assert.deepStrictEqual(SafeStringPrototypeSplit('foo', 'o'), ['f', '', '']);
+
+{
+  const expected = ['o'];
+  expected.groups = undefined;
+  expected.input = 'foo';
+  expected.index = 1;
+  assert.deepStrictEqual(SafeRegExpPrototypeSymbolMatch(/o/, 'foo'), expected);
+}
+
+assert.strictEqual(SafeRegExpPrototypeSymbolReplace(/o/, 'foo', 'a'), 'fao');
+assert.strictEqual(SafeRegExpPrototypeSymbolSearch(/o/, 'foo'), 1);
+assert.deepStrictEqual(SafeRegExpPrototypeSymbolSplit(/o/y, 'foo'), ['f', '', '']);
+assert.strictEqual(SafeRegExpPrototypeTest(/o/, 'foo'), true);
